---
# OpenVpn server

- name: Install needed packages
  yum: pkg={{ item }} state=present
  with_items:
  - openvpn
  tags:
  - packages
  - openvpn

- name: Install configuration files
  copy: src={{ item.file }}
        dest={{ item.dest }}
        owner=root group=root mode={{ item.mode }}
  with_items:
  - { file: client.conf,
      dest: /etc/openvpn/openvpn.conf,
      mode: '0644' }
  - { file: "{{ puppet_private }}/vpn/openvpn/keys/{{ inventory_hostname }}.crt",
      dest: "/etc/openvpn/client.crt",
      mode: '0600' }
  - { file: "{{ puppet_private }}/vpn/openvpn/keys/{{ inventory_hostname }}.key",
      dest: "/etc/openvpn/client.key",
      mode: '0600' }
  tags:
  - install
  - openvpn
  notify:
  - restart openvpn (Fedora)
  - restart openvpn (RHEL7)
  - restart openvpn (RHEL6)

- name: enable openvpn service for rhel 6
  service: name=openvpn state=running enabled=true
  when: ansible_distribution_version[0] == 6
  tags:
  - service
  - openvpn

- name: enable openvpn service for rhel 7 or Fedora
  service: name=openvpn@openvpn state=running enabled=true
  when: ansible_distribution_version[0] == 7 or is_fedora is defined
  tags:
  - service
  - openvpn

